For government, a long road to stopping insider threats

Dec. 6, 2013 - 06:00AM
|

Police respond to the report of a shooting at the Navy Yard on September 16 in Washington, D.C. The Pentagon is taking more steps to bolster its ability to identify and stop internal security threats. (Saul Loeb / AFP)

ADVERTISEMENT

More than three years after an Army private stole more than 250,000 documents and leaked them to the media and more than two years after President Obama signed an executive order aimed at stopping internal security threats, the Pentagon is taking more steps to bolster its ability to identify and stop such breaches of security.

Documents from the military's Washington Headquarters Services office show the Pentagon is seeking information about contractors able to participate in its internal security threat program. Responses from the interested companies are due Friday.

The request, what government officials call a request for information, seeks the following:

■ Support for the "development and implementation of security measures that also protect the handling, storing, processing and transfer of classified information."

■ Expertise in "the security clearance process to include adjudication of clearances, processing of security information files and suspension of clearances for violating security protocols to support documenting violations or attempts to bypass" regulations.

The request was part of the military's response to Executive Order 13587, which Obama issued Oct. 7, 2011, said Air Force Lt. Col. Thomas Crosson, a Pentagon spokesman. The order called for the government to develop a coordinated plan to deal with the flow of classified information between agencies and to stop the leaks of classified information.

Obama's order followed the 2010 leaks of more than 250,000 classified military and diplomatic documents to the website WikiLeaks by Army Pfc. Bradley Manning, who was convicted of stealing the information earlier this year and sentenced to 35 years in prison. Manning said in court earlier this year that he took the documents and put them on a camera digital storage card and then gave them to WikiLeaks.

The order, which put in place many proposals started after the Manning leaks, also created the government-wide Internal Threat Task Force led by the director of national intelligence and the attorney general. In May 2012, the Pentagon issued instructions to create its Insider Threat Counterintelligence Group to develop its insider threats policies.

In November 2012, the White House issued the National Insider Threat Policy that ordered greater controls over the use of government computer networks, such as those that Manning used. "This refers to audit data collection strategies for insider threat detection, leveraging hardware and/or software with triggers deployed on classified networks to detect, monitor and analyze anomalous user behavior for indicators of misuse," the policy said.

All of these steps showed the long and complicated way that executive orders get translated into policy. In this case, however, the process took long enough for another internal threat, National Security Agency technology contractor Edward Snowden, to steal an untold amount of highly sensitive, classified intelligence information and leak it to The Guardian of Great Britain and The Washington Post.

Snowden's leaks included revelations that the NSA collected information about billions of telephone calls, including those by U.S. citizens, and monitored communications of foreign leaders. The fallout has included damage to U.S. international relations and congressional attempts to curb the NSA.

Another incident in September highlighted a different insider threat: Navy IT contractor Aaron Alexis killed 12 people at the Washington Navy Yard after entering the building with a shotgun, stalking the corridors and gunning down fellow office workers before being killed by police. Alexis had a secret security clearance that he kept despite several run-ins with police that did not result in criminal convictions.

Both the Snowden and Alexis cases led to congressional demands that the military tighten its handling of security clearances and internal threats, a process that was under way long before this year's incidents.

How long this latest request is translated into more specific action is unknown. Crosson said the WHS request is not a contract solicitation but just a look to see what companies are interested in and which are able to do the work. It could be months before more detailed steps are taken.